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DETAILED ACTION 



1. 



The amendment of 19 May 2008 has been noted and made of record. 



2. 



Claims 1-18 have been presented for examination. 



Response to Arguments 



3. Applicant's arguments with respect to the prior art rejections filed 19 May 2008 have 
been fully considered but they are not persuasive. 

4. The Applicant argues that the references cannot be combined since the primary 
incorporates another patent by reference that teaches away from the secondary reference. The 
Examiner disagrees and holds that just because the primary reference offers one solution for 
encryption does not exclude it from being combinable with a secondary reference that provides 
an ulterior solution to the one incorporated by reference. Since there is no teaching precluding 
an ahemative approach to the encryption techniques incorporated by reference, the combination 
of references is proper and the rejection is maintained. 

5. In response to applicant's argiiment that there is no suggestion to combine the references, 
the examiner recognizes that obviousness can only be established by combining or modifying the 
teachings of the prior art to produce the claimed invention where there is some teaching, 
suggestion, or motivation to do so found either in the references themselves or in the knowledge 
generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 
USPQ2d 1596 (Fed. Cir. 1988)and/« re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992). 
In this case, the secondary reference provides a teaching, suggestion, and motivation that would 
render the claimed invention obvious. 
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6. In response to applicant's argument that the cited references fail to address the several 
aspects of security the present invention addresses, a recitation of the intended use of the claimed 
invention must result in a structural difference between the claimed invention and the prior art in 
order to patentably distinguish the claimed invention from the prior art. If the prior art structure 

is capable of performing the intended use, then it meets the claim. 

7. Applicant's arguments amount to a general allegation that the claims define a patentable 
invention without specifically pointing out how the language of the claims patentably 
distinguishes them from the references. 

8. See fiirther rejections set forth below. 

Claim Rejections - 35 USC § 103 

9. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

10. Claims 1-5-1 1 and 14-16 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
U.S. Patent No. 5,657,388 to Weiss, hereinafter Weiss, in view of U.S. Patent No. 5,479,5 12 to 
Weiss, hereinafter Weiss2. 

11. As per claims 1 and 14, Weiss teaches system for secure communication across a 
contmiunication network comprising: 

a personal code generation means having one or more identification codes and one or 
more encryption codes (Figure 1 [blocks 12, 14, 50], column 2, lines 57-64, i.e. token processor 
is utilized to generate a one-time, non-predictable code), each identification code and each 
encryption code being arranged to change with time (column 3, lines 7-11, i.e. time-varying); 
and 
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a code server including each identification code and each encryption code (Figure 1 
[blocks 16, 60], column 5, lines 4-20), the code server being synchronized with the personal code 
generation means such that each identification code of the code server change independently of 
and in synchronization with each identification code of the personal code generation means of 
the personal code generation means (column 5, line 60 to column 6, line 15); 

wherein a user transmits across the communication network (column 5, lines 4-5), each 
identification code of the personal code generation means and data encrypted with each current 
encr5rption code of the personal code generation means and the code server uses each 
identification code of the code server to authenticate the user and each encryption code of the 
code server to decrypt the transmitted data (column 2, lines 57-65, column 6, lines 16-28, i.e. 
inferring the encryption key in order to decrypt data to permit user access to the encrypted data; 
see figure 2 of U.S.P.N. 5,237,614 as incorporated by reference by Weiss). The Applicant is 
directed to the discussion of multiple reference 102 rejections at MPEP § 2131.01. 

12. Weiss does not teach one or more encryption codes that arranged to vary with time and 
are synchronized with the server. 

13. Weiss2 teaches an encryption key that is a one-time code that is synchronized similarly to 
that of Weiss (column 6, lines 5-26). 

14. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to use one or more encryption codes that arranged to vary with time and are 
synchronized with the server, since Weiss2 states at column 6, lines 15-16 that the use of one- 
time codes as encryption keys enhances security. 
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15. Regarding claims 2 and 15, Weiss incorporates U.S.P.N. 5,237,614 at column 2 lines 64- 
65. U.S.P.N. 5,237,614 teaches wherein the code server communicates to the user following 
authentication of the user by transmitting data across the communication network to the user 
encrypted with each encryption code of the code server (Figure 2 [block 52], column 9, lines 15- 

35) and the user decrypts the data transmitted by the code server with each encryption code of 
the personal code generation means (Figure 2 [block 56], column 9, lines 36-51). 

16. Regarding claim 3, 4, and 16, Weiss teaches wherein the code server stores information 

including a username and password assigned to the owner of the personal code generation means 
and the password is transmitted across the communication network and the code server uses the 
password to authenticate the user as the owner (column 1, lines 42-57). 

17. Weiss and Weiss2 do not teach that the username and password is transmitted with each 
identification code of the personal code generation means and the data encrypted with each 
encr3q)tion code and the code server uses the password to authenticate the user as the owner of 
the personal code generation means of the personal code generation means. 

18. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to transmit the username and password with the identification code and encryption 
code and using the password to authenticate the user, since Weiss teaches at column 2, lines 1 1- 
1 8 that varying the token information improves the security, as well as provides at least two 
forms of authentication of the user thereby providing better security. 
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19. Regarding claim 5, Weiss teaches wherein the personal code generation means comprises 
a personal portable token (Figure 1 [blocks 12, 14], column 4, lines 27-49). 

20. With regards to claim 6, the Examiner interprets a pendant as any hanging ornament, as 
an earring or the main piece suspended from a necklace. The definition courtesy of 
Dictionary.com Unabridged (v 1.1). Random House, Inc. 23 Apr. 2007. <Dictionary.com 
http://dictionary.reference.com/browse/pendant>. The Examiner contends that it is well known 
in the art that the personal portable token is a pendant and the Applicant now admits as such. 

2 1 . With regards to claim 7, Weiss teaches wherein the personal portable token is a card 
(column 2, lines 18-34). 

22. With regards to claim 8, Weiss teaches wherein the personal code generation means 
includes a communication port to commmicate each identification code of the personal code 
generation means and each current encryption code of the personal code generation means to a 
user's computer (column 5, lines 21-37). 

23. Regarding claim 9, Weiss teaches wherein the personal code generation means comprises 
software residing on a user's computer (column 2, lines 46-56, column 4, lines 44-58, i.e. 
machine readable form). 
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24. With regards to claim 10, Weiss teaches wherein the personal code generation means 
includes a display means (column 4, lines 46-49, i.e. laptops, notebook computers, and PDA 
devices all have display means). The Applicant admits that it is well kno\ivTi in the art that the 
display means displaying each identification code of the personal code generation means and 
each encryption code of the personal code generation means. 

25 . With regards to claim 1 1 , Weiss teaches wherein the personal code generation means 
comprises a smart card having an initialization code known to the code server and software 
residing on a user's computer (column 2, lines 18-34), the software being capable of generating 
each identification code and each encryption code based on the initialization code and a 
reference clock (column 7, lines 49-60), the code server also being capable of generating each 
identification code and each encryption code based on the initialization code and the reference 
clock (column 5, line 60 to column 6, line 15). 

26. Claims 12, 13, 17 and 18 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Weiss in view of Weiss2, and in fiirther view of U.S. Patent No. 6,981,141 to Mahne et al., 
hereinafter Mahne. 

27. As per claims 12 and 17, Weiss teaches a system for securely accessing data stored in an 
encrypted form on a storage means accessible by a communication network comprising: 

a personal code generation means having one or more identification codes (Figure 1 
[blocks 12, 14, 50], column 2, lines 57-64, i.e. token processor is utilized to generate a one-time. 
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non-predictable code), each identification code being arranged to change with time (column 3, 
lines 7-11, i.e. time- varying); 

a code server including each identification code and each encryption code (Figure 1 
[blocks 16, 60], column 5, lines 4-20), the code server being synchronized with the personal code 
generation means such that each identification code of the code server of the server change 
independently of and in synchronization with each identification code of the personal code 
generation means of the personal code generation means, the code server also having a previous 
archiving code being the archiving code last used to encrypt the key archive and a current 
archiving code being arranged to change with time (column 5, line 60 to column 6, line 15); 

wherein when a user wishes to access each stored data file, the user transmits across the 
communication network (column 5, lines 4-5), each identification code of the personal code 
generation means and data including a request to access the stored data files encrypted with 
each encryption code of the personal code generation means and the code server uses each 
identification code of the code server to authenticate the user and each encryption code of the 
code server to decrypt the transmitted data and the code server contmiunicates to the user the 
previous archiving code in encrypted form using each encryption code of the code server so that 
the user may decrypt the data to provide access to the stored data files (column 2, lines 57-65, 
column 6, lines 16-28, i.e. inferring the encryption key in order to decrypt data to permit user 
access to the encrypted data; see figure 2 of U.S.P.N. 5,237,614 as incorporated by reference by 
Weiss). 

28. Weiss does not teach one or more encryption codes that arranged to vary with time and 
are synchronized with the server, a key archive associated with the personal code generation 
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means and with one or more data files on the storage means, the key archive having information 
including the location of the data files and the encryption codes with which each of the data files 
is encrypted, the key archive being encrypted with an archiving code; and decrypting the key 
archive providing access to the stored data files. 

29. Weiss2 teaches an encryption key that is a one-time code that is synchronized similarly to 
that of Weiss (column 6, lines 5-26). 

30. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to use one or more encryption codes that arranged to vary with time and are 
synchronized with the server, since Weiss2 states at column 6, lines 15-16 that the use of one- 
time codes as encryption keys enhances security. 

3 1 . Mahne discloses a key table stored on a smart card which stores encryption keys used to 
decrypt files (column 8, lines 56-67, column 9, lines 43-50). 

32. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to include a key archive associated with the personal code generation means and with 
one or more data files on the storage means, the key archive having information including the 
location of the data files and the encryption codes with which each of the data files is encrypted, 
the key archive being encrypted with an archiving code; and decrypting the key archive 
providing access to the stored data files, since Mahne states at column 3, line 65 to column 4, 
line 2 that incorporating the key archive would provide an easy to use and inexpensive 
technology that would allow users to conveniently access encrypted documents and files. 
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33 . Regarding claims 1 3 and 18, Mahne teaches wherein when the code server transmits to 
the user the previous archiving code, the code server also transmits the current archiving code 
and the user then uses the current archiving code to encrypt the key archive when the user has 
completed accessing the stored data files and the code server stores the current archiving code as 
the previous archiving code for fixture access to the store data files (column 8, lines 56-67, 
column 9, lines 43-50). 

Conclusion 

34. THIS ACTION IS MADE FINAL. Apphcant is reminded of the extension of time 

policy as set forth in 37 CFR 1.136(a). 

35 . A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

36. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christian LaForgia whose telephone number is (571)272-3792. 
The examiner can normally be reached on Monday thru Thursday 7-5. 
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37. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kristine L. BCincaid can be reached on (571) 272-4063. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

38. Information regarding the status of an apphcation may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Christian LaForgia/ 

Primary Examiner, Art Unit 2139 

clf 



